A primary privacy concern for most mobile customers is the question of what happens to information that personally identifies them, commonly called personally identifiable information (PII). They want to know what is collected, how it’s used, how it’s stored, who can access it, and with whom it may be shared. This article attempts to clarify what BlackBerry considers personal information and provides general guidance on how it should be protected. By applying these principles, and otherwise complying with privacy/data protection legislation, third-party app developers will not only help protect customers’ PII, but also help ensure that their apps can remain listed in BlackBerry World. This article builds on previous guidance provided by BlackBerry. With that said, these guidelines are not legal advice, and an app that complies with them is not guaranteed to meet all of a developer’s legal obligations. As always, it is up to app developers to comply with applicable laws, regulations, and standards and to meet the terms of their contracts.

The legal definition of PII can vary widely between legal jurisdictions. Since the vendor may choose to make its app available in BlackBerry World globally, this presents a significant challenge for app developers. As a general rule, however, anyone collecting, using, or disclosing PII is expected to gain consent to do so from the person they are collecting information about. With that said, privacy/data protection legislation may make an exception to this rule, depending on the information or scenario involved. Different types of information or circumstances may also call for different forms of consent. For example, more sensitive PII, such as health or financial data, may require a more explicit and immediate request for consent.

PII is typically defined as information about an identifiable individual. Because of the broad nature of PII definitions in relevant legislation, it is not possible to compile a definitive or comprehensive list of what is PII. The PII Examples in this document are therefore not an exhaustive list or legal advice, but are only intended to provide illustrative examples. The list does not reflect the PII definitions of any particular jurisdiction, and does not replace independent legal advice for app developers about customers in varying jurisdictions. And, of course, the guidance below is also subject to change as the global climate around privacy continues to evolve.

Only collect, use or disclose personal information for purposes that are reasonable. Likewise, only request the permissions your app reasonably needs to perform its intended functions. Do not request or require permissions that your app can function without, and explain why you are seeking the permissions requested.

Consider the Impact of Third-Party Code

If your app includes third-party code, understand how it works, the functionality it provides, and if or how it handles customers’ information. Ensure that appropriate contracts are in place with any third party service that you use. Consider how SDKs and third-party add-ins affect your app. For example, a third-party ad service might access and use PII that your app would not otherwise access.

Get Consents and Implement a Privacy Policy

If your app processes PII, you should have a publicly available privacy policy that complies with applicable law that explains what you do with information you gather. Ensure that your privacy policy is easily available and understandable to users. If you use unexpected practices or process sensitive information, include more explicit user consent explaining your practices and the reasons for them.

Be Accountable

Understand where your app is being sold and what legal privacy protections are in place for users in those locations. Ensure your app and its policies comply with all applicable laws. Please be aware that data collected about minors or children can require additional special protections depending on the particular jurisdiction in which the app is sold.

Be Transparent

Build trust with your customers by explaining clearly and simply how your app works, what data it collects, and what it does with that data. This should include information about whether the information is sent off the device to remote servers. Consider options to explain these aspects, such as a separate link to how the app works or a special notice page in the app.

Secure Your Customers’ Data

If the app collects, accesses, stores, or sends data to an external server, always safeguard that data. Use encryption at all layers, including encrypting the data stored on the phone, and use a secure transport layer for off device access such as SSL or TLS. Limit access to all user data to those who have a legitimate business purpose for accessing the data.

Empower Your Customers to Control Their Information

Give users additional choices and controls, including the use of a Settings menu or privacy-sensitive default settings. For example, if you are collecting additional PII that is not strictly necessary for the app, make it clear to the customer that providing it is optional and allow users to opt out. Consider providing a paid version that doesn’t include ad packages.

PII Examples

When collecting and using customer data, consider whether the data is included in, or similar in nature to, the examples below. Please note that the following is not a definitive or exhaustive list of PII, and it may change or be updated without notice. Developers should consult their own legal counsel when determining what is PII, and what consent(s) or other privacy/data protection practices are appropriate.

Symptoms

After the latest server update of BlackBerry® World™ some vendors may see the following error message when attempting to download applications through the vendor account sandbox:"Unable to update customer device info"

This has not been reported for any scenarios outside of sandbox downloads, so it is not expected to be customer impacting.

Diagnosis

If using a BlackBerry® 10 device and attempting to download an application through the BlackBerry World sandbox using the following steps:

Open BlackBerry World client on device

From the application menu select "Settings"

Select "Development Mode"

Enter the content ID or SKU of the application within your vendor portal that you would like to download.

Should you receive the error "Unable to update customer device info" then please follow the steps outlined in the "Solution" section of this article to perform a workaround which should help get past this error until an update to the BlackBerry World server is released with this issue resolved.

Solution

The workaround is to make an update to the "Screen Name" associated with your BlackBerry ID. Do perform this change:

Open the settings application

Select "BlackBerry ID"

Select the "Edit" action item to bring up the edit screen

Modify your "Screen Name" then click "Back" to save

You should now be able to continue downloading through the BlackBerry World sandbox

Applications created with any of the BlackBerry® PlayBook™ development SDKs that include Payment Services

Applications created with any of the BlackBerry® Smartphone™ development SDKs that include Payment Services

The BlackBerry® World™ sandbox accounts allow developers to test their applications without needing to pay as normal BlackBerry World consumers would; this can be used for testing paid apps or apps that use in-app payments to ensure everything is functioning as expected before posting for sale. Note that sandbox accounts are specific to a Vendor account meaning that a Vendor can add users to their account and allow users to use applications for free posted by that Vendor only.

One very important thing to note about using sandbox accounts which will make the rest of this article make much more sense, when a purchase is made while in the sandbox no money is exchanged and no transaction record generated. Transaction records are what BlackBerry World uses to know a purchase has been made which means a few things:

Trying to retrieve past purchases (including subscriptions) of digital goods from BlackBerry World will not return any results

The Transaction ID of any purchase will always be ‘0’

This means that if you are checking for existing purchases during testing and/or validating or recording the transaction ID values, it would be good to account for the above scenarios which will be encountered when testing.

Applications created with any of the BlackBerry® PlayBook™ development SDKs that include Payment Services

Live testing

Live testing permits you to test the purchase of digital goods against the live Payment Service server without being charged real money. To test your applications live, you must perform the following actions:

Add your application to the vendor portal for the BlackBerry® World™ storefront. Don't send your application to RIM for approval, but keep it in Draft state.

Add digital goods and a release bundle to your application in the vendor portal.

Create a sandbox account by registering your BlackBerry ID in the vendor portal.

After you add your application and digital goods, you can download your application from BlackBerry World and start testing the purchase process against the live Payment Service server.

By registering the BlackBerry ID with the vendor portal, you can use the BlackBerry ID to perform test purchases of applications, as well as digital goods within your applications. When you initiate a purchase, and log in using the BlackBerry ID that you registered with the vendor portal, you can simulate a real purchase without any charges to your account. The BlackBerry ID that you register with the vendor portal can be used only to purchase digital goods from the applications associated with your BlackBerry World vendor account.

Creating a sandbox account

Before you make products available to BlackBerry PlayBook tablet users, you can test the purchase of your products and any digital goods that you sell within your products by creating a sandbox account. When you create a sandbox account, you specify the email address that is associated with a BlackBerry ID. You then use the BlackBerry ID to test the purchase of your products without being charged for the purchases.

When you test a purchase using a sandbox account, BlackBerry World doesn't create a purchase record. If your application calls getExistingPurchases(true), the function doesn't return the purchases that you make using the sandbox account.

On the vendor portal for the BlackBerry World storefront, click Sandbox.

Click Add New User.

In the Email field, type the email address associated with a BlackBerry ID.

In the Description field, type a description for the sandbox account.

Click Create.

Download an application before you make it available for distribution

Add your application, a release bundle, and digital goods in the vendor portal for the BlackBerry World (the application status can remain as Draft).

Create a sandbox account in the vendor portal using a BlackBerry ID.

If your application has any distribution restrictions (such as the BlackBerry device models or BlackBerry Device Software versions that it supports), make sure that the BlackBerry device that you download the application to is compatible with your application, otherwise you won't be able to locate your application in the BlackBerry World storefront If you purchase another vendor's application or digital goods using your BlackBerry ID account that is configured for testing, the transaction is real, not simulated, and your account is charged. You can simulate only the purchases of your own applications and digital goods.

On the home screen of the BlackBerry PlayBook tablet, tap the BlackBerry World icon.

Swipe your finger from the bottom left corner of the screen toward the center of the screen to display the keyboard.

You can use the same BlackBerry ID login information to purchase the digital goods that your application offers.

NOTE: As no charges are incurred when performing Live testing there is no transaction history generated. As such, any simulated purchases will not appear in the transactions history if queried programmatically.

Problem

The following error is reported when attempting to upload a BAR file using the BlackBerry® World™ Vendor Portal.

Package ID already in use

Cause

An BAR file with the same package name has already been uploaded using a different vendor account.

Resolution

If you need to upload multiple versions of your application to different vendor accounts, ensure that you have a unique package name for each vendor account. Keep the package name for each vendor account consistent to prevent issues for users upgrading to newer versions of your application.

Modifying the package name for an existing application will prevent users from upgrading to your new release. If a user attempts to install the new version with the modifed package name the application will appear as a second icon on their device and the upgraded application will not have access to the previous application's saved data.

Problem

The following error is reported when attempting to upload a BAR file using the BlackBerry® World™ Vendor Portal.

File bundle (YOUR_NAME) has been rejected. Package ID is required for all .bar file. If this is an upgrade, Package ID must match Package ID in original file bundle.

Cause

You are attempting to upload a new version of your application, which contains a different package ID than the previous version.

Modifying the package ID for an existing application will prevent users from upgrading to your new release. If a user attempts to install the new version with the modifed package name the application will appear as a second icon on their device and the upgraded application will not have access to the previous application's saved data.

Resolution

The package ID is made up of two components, which are the package name of your application and your BlackBerry® Code Signing Key or BlackBerry® ID account (used to create the BlackBerry ID Token for signing). Ensure that the new version of your application uses the same package name and is signed with the same BlackBerry Code Signing Key or BlackBerry® ID account (used to create the BlackBerry ID Token for signing) as the previous version. If you have linked your BlackBerry Code Signing Key to your BlackBerry ID account, you can sign your with either your BlackBerry Code Signing Key or BlackBerry ID Token (created from the BlackBerry ID account you linked your code signing key to).

Problem

The following error is reported when attempting to make an in application purchase using the BlackBerry® Payment Service.

You have already purchased this item

Cause

The user is attempting to purchase an item that they have already purchased. The list of items available for purchase in the application is out of sync with the list of items already purchased using the BlackBerry Payment Service. This can occur if the application has been re-installed, but has not retrieved a listing of previous purchases made by the user.

Resolution

1. When your application starts up for the first time you should call:

PaymentEngine.getExistingPurchases(true)

This will return them an array of previous purchases from the server. Using this array they need to indicate which items have been previously purchased.

2. If you catch the error “You have already purchased this item” (which should not occur if the approach above is used) you can unlock that item.